EPS
← All batches·2605.17128

New Wide-Net-Casting Jailbreak Attacks Risk Large Models

topic: current_projecttop score: 100released: 2026-05-19first surfaced: 2026-05-19arXivPDFthreats2026-05-19

Authors: Qiuchi Xiang, Haoxuan Qu, Hossein Rahmani et al.

arXiv · PDF

Summary

arXiv:2605. 17128v1 Announce Type: new Abstract: Jailbreak attacks on large models have drawn growing attention due to their close ties to societal safety.

Relevance

Read next because New Wide-Net-Casting Jailbreak Attacks Risk Large Models overlaps with clean result "Language-mismatch LoRA SFT on Qwen2.5-7B leaks the trained completion language into bystander directives the model was never trained on, absent under same-language SFT (LOW confidence)", clean result "Only continuous soft prefixes hit both EM axes at once on Qwen-2.5-7B-Instruct: discrete prompt searches split between the alignment objective and the distributional objective, and both discretizations of the soft prefix collapse (MODERATE confidence)", clean result "The marker is a representational handle, not a behavioural one — sharing it between a villain persona and the assistant transfers no misalignment (HIGH confidence)". Matching terms: under, eval, rate, without, model. Source: arxiv cs.CR (Cryptography and Security).

Threat model

Potential threat/caveat for clean result "Language-mismatch LoRA SFT on Qwen2.5-7B leaks the trained completion language into bystander directives the model was never trained on, absent under same-language SFT (LOW confidence)": this item discusses evaluation.

Abstract

arXiv:2605.17128v1 Announce Type: new Abstract: Jailbreak attacks on large models have drawn growing attention due to their close ties to societal safety. This work identifies a practical yet unexplored jailbreak scenario, the wide-net-casting scenario, where an adversary can query a group of large models instead of a single one to elicit harmful outputs. Our analysis reveals substantial yet previously overlooked safety risks under this scenario. As a key part of our analysis, we further develop a novel jailbreak method tailored to the wide-net-casting scenario. With this tailored method, the jailbreak success rate can even reach 100% in some experiments when targeting the large models without additional safeguards, exposing wide-net-casting as a distinct, high-risk scenario that warrants attention in future evaluation and defense research.